Disconnect policy for distributed computing systems
First Claim
1. A method for performing a disconnect policy that involves authorizing a data communication session between a client and a first server, the method comprising the computer-implemented steps of:
- determining that a second server cannot communicate with a third server that is normally responsible for authorizing the session;
receiving a request to establish a session for a particular entity associated with the client;
determining whether the third server is an authoritative server for the entity;
if the third server is the authoritative server for the entity, then determining at the second server whether the session should be established for the entity; and
determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A mechanism for performing a disconnect policy involving authorizing a data communication session between a client and a first server is disclosed. The mechanism provides a failover scheme in which local servers record the number of active sessions that they have authorized for a particular user entity. Each user entity is assigned an authoritative server. The authoritative servers maintain global session information for each user entity in which they are assigned. When a local server cannot authorize a session for a particular user entity the local server communicates with the authoritative server to determine whether a session should be established for the user entity. If communication is lost between a local server and an authoritative server, the local server assumes that no other servers have authorized active sessions for the particular user entity. In a similar manner, the authoritative server assumes that the local server has not authorized any active sessions for the particular entity. Thus, both the local server and the authoritative server may independently authorize sessions for the user entity.
When communication is re-established between the local server and the authoritative server, the servers exchange information to recreate the current state. If it is determined that too many active sessions have been established for user entity, further authorization requests from the user entity are denied until the number of active sessions is reduced below an acceptable level. This, failover scheme removes the need for redundant servers and instead distributes the burden of redundancy to the local servers where communication problems are far less likely to occur.
-
Citations
24 Claims
-
1. A method for performing a disconnect policy that involves authorizing a data communication session between a client and a first server, the method comprising the computer-implemented steps of:
-
determining that a second server cannot communicate with a third server that is normally responsible for authorizing the session;
receiving a request to establish a session for a particular entity associated with the client;
determining whether the third server is an authoritative server for the entity;
if the third server is the authoritative server for the entity, then determining at the second server whether the session should be established for the entity; and
determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
creating and storing a local session counter value that indicates a first number of active sessions that have been authorized for the particular entity by the second server;
creating and storing a global allocated sessions value that indicates a second number of sessions that have been allocated for the particular entity by the third server; and
determining to establish the session for the entity only upon determining that the local session counter value is less than the global allocated sessions value.
-
-
4. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes,
a local session established counter value that indicates a first number of sessions that have been authorized for the particular entity by the second server and which are still currently active; - and
an allocated sessions threshold value that indicates a second number of sessions that have been allocated for the particular entity.
- and
-
5. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes,
a local session counter value that indicates a third number of sessions that are currently active for the particular entity; - and
a local session threshold value that indicates a fourth number of sessions that may be currently active before sessions cannot be authorized locally by the second server.
- and
-
6. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes an authoritative distribution session counter identifier that identifies an authoritative server that maintains global session information for authorizing sessions for the entity.
-
7. The method a s recited in claim 1, wherein the step of determining at the second server whether the session should be established for the particular entity comprises the steps of:
-
determining a local session established counter value that indicates a first number of sessions that have been authorized for the particular entity by the second server and which are still currently active;
determining an allocated sessions threshold value that indicates a second number of sessions that have been allocated for the particular entity; and
comparing the local session established counter value with the allocated sessions threshold value to determine whether the session should be established for the particular entity.
-
-
8. The method as recited in claim 7, wherein the step of comparing comprises the steps of:
if the value of the local session established counter is less than the value of the allocated sessions threshold then determining that the session should be established.
-
9. The method as recited in claim 1, further comprising the steps of:
-
if the third server is not the authoritative server for the entity, then determining whether the session can be locally authorized at a second server;
if authorization of the session can be performed locally at the second server, then informing the first server that the session may be established between the client and the first server for the entity; and
informing a fourth server that the session has been authorized to be established for the entity, wherein the fourth server is the authoritative server for the entity.
-
-
10. The method as recited in claim 9, further comprising the steps of:
-
if authorization of the session cannot be performed locally at the second server then, requesting the fourth server to authorize the session between the client and the first server; and
informing the first server, based on a response received from the fourth server, whether the session may be authorized.
-
-
11. The method as recited in claim 9, wherein the step of determining whether authorization of the session can be performed locally at the second server comprises the steps of:
-
determining a local session counter value that indicates a third number of sessions that are currently active for the particular entity;
determining a local session threshold value that indicates a threshold as to a fourth number of sessions that may be currently active before sessions cannot be authorized locally by the second server; and
comparing the local session counter value with the local session threshold value to determine whether authorization of the session can be performed locally at the second server.
-
-
12. The method as recited in claim 1, further comprising the steps of:
-
prior to determining that said second server cannot communicate with said third server, receiving from the third server a global session threshold value that indicates a fifth number of sessions that have been allocated for the entity; and
storing the global session threshold value in a portion of memory that is associated with the second server.
-
-
13. The method as recited in claim 1, further comprising the steps of:
-
after determining that the second server can again communicate with the third server, sending session information from the second server to the third server, wherein the session information indicates a sixth number of sessions that have been authorized for the particular entity by the second server and which are currently active.
-
-
14. A method for performing a disconnect policy involving authorizing, after a failure, a data communication session between a client and a first server, the method comprising the computer-implemented steps of:
-
after the failure, determining that a second server cannot communicate with a third server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.
-
-
15. A method for performing a disconnect policy involving broadcasting, after a failure, session information to one or more servers, the method comprising the computer-implemented steps of:
-
after the failure, determining that a first server cannot communicate with a second server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
determining whether one or more other servers have previously authorized sessions for the particular entity; and
if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value. - View Dependent Claims (16, 17, 18)
upon receiving a request to authorize a session for the particular entity from the one or more other servers, determining whether the session should be established by comparing the calculated global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity.
-
-
17. The method as recited in claim 16, wherein the step of receiving the request comprises the step of receiving a connection request that requests authorization to establish a Point-to-Point Protocol session between the client and the first server.
-
18. The method as recited in claim 15, wherein:
-
prior to the failure, maintaining data that is associated with the first server, wherein the data includes a server list, wherein the server list identifies servers that have previously authorized sessions for the particular entity; and
for each server identified, a session counter value that indicates a third number of sessions that it has authorized and which are currently active for the particular entity.
-
-
19. A computer-readable medium carrying one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
-
after the failure, determining that a second server cannot communicate with a third server;
receiving a request to establish a session for a particular entity, wherein the particular entity is associated with the client;
determining whether the third server is assigned as an authoritative server for the particular entity;
if the third server is assigned as the authoritative server for the particular entity, then determining at the second server whether the session should be established for the particular entity;
determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.
-
-
20. A computer-readable medium carrying one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
-
determining that a second server cannot communicate with a third server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.
-
-
21. A computer-readable medium carrying one or more sequences of instructions for broadcasting, after a failure, session information to one or more servers, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
-
determining that a first server cannot communicate with a second server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
determining whether one or more other servers have previously authorized sessions for the particular entity; and
if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value.
-
-
22. A computer apparatus comprising:
-
a processor; and
a memory coupled to the processor, the memory containing one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
after the failure, determining that a second server cannot communicate with a third server;
receiving a request to establish a session for a particular entity, wherein the particular entity is associated with the client;
determining whether the third server is assigned as an authoritative server for the particular entity; and
if the third server is assigned as the authoritative server for the particular entity, then determining at the second server whether the session should be established for the particular entity; and
determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.
-
-
23. A computer apparatus comprising:
-
a processor; and
a memory coupled to the processor, the memory containing one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
determining that a second server cannot communicate with a third server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.
-
-
24. A computer apparatus comprising:
-
a processor; and
a memory coupled to the processor, the memory containing one or more sequences of instructions for broadcasting, after a failure, session information to one or more servers, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
determining that a first server cannot communicate with a second server;
identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
determining whether one or more other servers have previously authorized sessions for the particular entity; and
if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value.
-
Specification